gell-web
model session activity for web based applications
Concepts
-
authority
- responsible for issuing
user
andbrowser
sessions - NOTE: this concept is really a
gell-session
concept
- responsible for issuing
-
login
session -
websocket
session
Session Model
- as with all
gell
systems, interaction with web applications is modeled as a Session hierarchy
Hierarchy
-
user
-
browser
login
websocket
-
Domain
-
user
- represents any person that interacts with a web application
- can be "anonymous" or known to the application
- often (but not required to be) tied to an
identity
-
identity
is not modeled by this package
-
browser
- maintains state for
user
and application over a period of time - persistence is typically cookie based
- maintains state for
-
login
- represents authenticated interaction with a web application
- allows for
browser
session to extend beyond period of time whereuser
has "logged in"
-
websocket
- represents a websocket connection between browser and web application backend
- NOTE: no Session implementation currently for a "secured" connection (after authorization)
Roadmap
- implement the "authorize" concept
- this should be a more general approach to associating a
user
with asession
- this might be a
gell-session
concept - should be an
authorize
event- or perhaps "authorizer" (future) instead of event
- allow client to specify cardinality rules
- this should be a more general approach to associating a
- solidify
role
andpersona
concepts- this might be in
gell-actor
- this might be in
- implement a generic "cardinality" concept
- this might be a
gell-session
concept - prevents more than one session to exists at a time
- provide strategies for preventing concurrent sessions
- this was implemented with websockets
-
authority
would enforce cardinality strategy
- this might be a